If you have any questions about the way your personal information is handled, please contact us at the address below.
Kalevantie 7C, 6F
33100 Tampere, Finland
+358 10 205 4455
(Charge 8,35 ct/call + 16,69 ct/min)
Customer Registry of the WordDive service.
Information submitted by the user during registration:
In order to register for the WordDive service and to use the service, the User has to provide their name, email address, preferred password for the user ID (email address) and the country where the service is being accessed from.
If the User registers for the service through Facebook, the Company will know the User’s Facebook username.
In addition, the User has the option to voluntarily give the following information during registration or use: phone number, year of birth, gender, first language, and where they heard about the service. The reason for asking the phone number is for providing customer service. Information about age, gender and first language is used to develop the service, optimise the exercises and setting the default translation language. Information about where the User heard about the service is used for marketing development purposes.
Information collected automatically during registration:
Personal User identifier
Time of registration
Free sample activation data
User interface language
Information generated automatically during use of the service:
First login day
Start and end date of licence
Login data (”Remember me” cookies)
Offer campaign data
Analytics data (Google Analytics)
User’s achievements in the mobile app
Hints and reminders shown to User
Time from last password change
Information submitted or selected by the User during use of the service:
Audio files generated by User doing speaking exercises
Wrong answers (not connected to individual users)
Feedback on study material (optional)
User recommendations (optional)
Friends added by User (optional)
Receivers of User’s weekly reports (optional)
Study group data (for organisation users)
User’s exams (prep course users)
Grade guarantee refund data (prep course users)
Newsletter subscription or unsubscription
General service usage settings
User’s course-specific settings
User’s language-specific settings
Other information collected and handled for purposes described in section 5:
Notes added manually by customer service or R&D
Information about which emails sent by WordDive the User has opened
The information specified in section 4 is collected and processed for the following purposes:
Use of the service
User email address and password are required for registering and logging in to the service. During purchase events, information related to the purchase, such as the chosen course package and the duration of the licence, is stored so that we can deliver the User the service the User has bought. Information about country is required to set the correct currency and tax.
The WordDive service is based on personal optimisation (profiling), which requires storing information such as the User’s exercise data, including selected, written and recorded answers. Optional information, such as age and gender, is also used to develop the service and optimise the exercises. Information about first language is used to set the default translation language.
The profile formed as a result of this optimisation consists of information collected from the User during registration and use of the service. This information is necessary for individual optimisation of the service.
Much of the other information specified in section 4 is required to use the different features of the service. For example, certificates are sent based on stored results, and rewards for recommendations are given based on stored information about recommendations. The settings selected by the user are stored in order to adjust the functioning of the service according to the User’s wishes.
Research and development
The development of WordDive’s features and exercise algorithm is based on different tests and statistical analysis of User behaviour data stored in the database, as well as User learning results. The data used in research and development is not traceable to an individual User. According to the applicable data protection legal framework, the analysis is made statistically using a large mass of data (e.g. all Users learning English), where the information is stored anonymously and individual Users are no longer identifiable.
Customer service and informing Users
The User’s contact information, payment information and exercise information is also required to answer customer support requests. These requests usually involve looking at the User’s information and exercise data in WordDive’s management panel and checking payment information in various payment service providers’ management panels. User email addresses are also required for informing purposes.
Marketing platform pixels and other similar techniques collect information about Users’ movement and actions in the WordDive service. This information can be used to show them targeted advertising. The purpose of targeted advertising, e.g. in Facebook and Google, is to show each consumer advertisements for products and services the consumer is interested in rather than completely random advertisements.
The User has the right to resist this kind of profiling-based advertising or withdraw consent by disabling ”Targeting cookies” from the website’s cookie settings.
The User’s personal information is also handled while fulfilling the Company’s legal duties, such as taxation and accounting. For accounting and taxation purposes, the Company must know e.g. which products the Users have purchased, how much the products cost, which payment service provider was used and which country the purchases were made from (country information affects e.g. the amount of Value Added Tax). User contact information is required in case any problems or misuse issues related to payments arise.
Changes or additions to information usage purposes
In case there are essential changes to the usage purposes of personal information or new purposes are taken into use, the Company will inform the User in advance before carrying out the changes. In these cases, the Company must also ask the User’s consent to such essentially changed or new usage.
There are six legal grounds for processing personal information defined in the EU data protection regulation. These are:
WordDive collects and processes personal information mainly on the grounds of conset, performance of a contract, grounds related to the Company’s compliance with legal obligations, and legitimate interests.
Grounds related to performance of a contract means that certain information has to be collected from the User to make it technically possible to use and purchase the service.
Compliance with a legal obligation means processing personal information e.g. for the purposes of performing the Company’s duties related to accounting and taxation.
The Company may have legitimate interests related to the following functions among others: customer service, handling of misuse cases, product and service development.
The collecting and processing of all information listed in section 4 is based on some of these legal grounds. If you would like to get a more detailed explanation of these legal grounds, you may request it by email at firstname.lastname@example.org.
If the User does not want to submit personal information which is required on the grounds of performance of contract, grounds related to the Company’s compliance with legal obligations or the Company’s other legitimate interests, the service cannot be used.
Personal information is collected mainly from the Users themselves, either directly or through cookies (see section 14). Information is also generated automatically during registration, purchase and use of the service (see section 4).
If necessary, personal information can also be collected and updated from other registries of the Company and other companies in the same enterprise group or the registries of third parties (e.g. credit information register).
Personal information will be shared with payment service providers which charge for products and services ordered from WordDive. Certain personal information will also be transmitted to the ISO 27001 certified Freshdesk software, which is used in customer service, as well as the MailChimp software, which is used to send newsletters and operates under the EU-U.S. Privacy Shield Framework.
Certain purchase data is also transmitted to Google and Facebook in order to monitor the efficacy of our advertising campaigns. However, Google and Facebook are not able to connect the transaction data transmitted to them to individual persons.
In addition, purchase data is transmitted to software used in affiliate marketing, such as Tradetracker or Tradedoubler. This means, for example, that if a User discovers WordDive through a blog post and makes a purchase through a link in the blog, the blogger may get a small commission from the purchase. The purchase data still cannot be traced back to the User personally.
WordDive transfers personal data in its customer registry to the MailChimp service for the purposes of email marketing in accordance with applicable data protection legal framework.
The WordDive.com website and the WordDive mobile app are located on the Finnish cloud service provider Nebula’s servers in Helsinki. Parts of the service are located on the reliable international AWS (Amazon Web Services) servers in Ireland. Both Nebula and Amazon are ISO 27001 certified.
WordDive may share information about the User to other third parties if the User has consented to it. WordDive may also use other subcontractors not mentioned here to handle the User’s information, if such usage happens according to the requirements of the EU Data Protection Regulation. WordDive is responsible to the User for the subcontractors’ processing of personal information as well as its own. WordDive uses contractual arrangements to ensure that subcontractors are operating under obligation of confidentiality and that they will carry out the appropriate technical and organisational actions in connection to processing personal information.
WordDive may also transfer information to a company belonging to the same business group as well as during company reorganisation.
The companies mentioned in section 8, namely Facebook, Google, Freshdesk, Mailchimp, and Amazon, are located outside the EU. However, they are all large, reliable operators that have many clients in the EU area and that follow the principles of the EU Data Protection Regulation.
More information about data protection in these companies as well as their international data protection certificates can be found at the following links:
WordDive does not check the correctness of the information submitted by the User. Users logged in to the service can check and change their settings related to the use of the service, as well as the personal information submitted during registration.
The User has the right to request a copy of all other information concerning themselves from the WordDive customer service, as well as the right to request correction of any possible incorrect information in the system from the customer service. The copy can be requested by email at email@example.com. Requesting a copy is free in principle. However, WordDive may charge a reasonable fee for repeated information requests on the grounds of administrative expenses, or refuse to perform the action requested by the User if the request is clearly baseless and unreasonable.
The User can delete their own user account through the service settings. The User also has the right to request the Company to delete all the User’s personal information from the WordDive database. Information deletion can be requested by email at firstname.lastname@example.org.
All other information apart from that which is required by official authorities (e.g. payment transaction data for accounting) and data generated by the use of the service and required for research and development (e.g. written or recorded answers) can be deleted from the database manually. Note that data generated by use of the service for exercises cannot, after other information has been deleted, be connected to the User. In other words, it becomes anonymous information as recommended by the applicable data protection legal framework.
Refusing direct marketing
The User can forbid the use of their information for direct marketing purposes, marketing research and opinion polls. WordDive uses the MailChimp software for practically all marketing letters and research invitations. The User can unsubscribe from these by filling in the Unsubscribe form or by clicking the newsletter unsubscribing link that can be found in the footer of each newsletter.
Limiting information processing
The User can forbid the use of their information on the so-called Top List, which displays the Users’ first names, the initial of their last names, and the sum of their progress in the service during a certain period of time, e.g. one week. There are two Top Lists: one for the friends added by the User and one for all Users. The purpose of the lists is to motivate the Users and their friends to learn languages.
The Company has the right to save the User’s photo if the User has given the Company the right to use it. The User always retains the right to decide where the picture can be shown or if it can be shown at all.
The User has the right to transfer the information concerning them from one registry keeper to another. In matters concerning transferring information, please contact email@example.com.
Right to withdraw consent
If the User has consented to personal data processing which is not based on performance of contract, the Company’s compliance with legal obligations or the Company’s legitimate interests, the User also has the right to withdraw this consent. Withdrawing consent can be done by notifying firstname.lastname@example.org.
Right to file notice of appeal to authorities
If the User is of the opinion that WordDive does not comply with the Finnish Personal Data Act or the requirements of the EU Data Protection Regulation, the User has the right to file notice of appeal to an authority. In Finland, this authority is the Data Protection Ombudsman.
WordDive will store User and usage information for a minimum of one year after the end of the User’s last subscription period, unless the User specifically requests to have the information deleted. After this, the information may be deleted from the registry during database clean-ups carried out at certain intervals according to the current practice.
Notwithstanding the above and for the sake of clarity, it should be noted that information related to purchase events may be stored even after this time, to the extent and for the time the service provider believes it necessary to store this information in order to carry out accounting and other legal obligations.
In order to monitor the use of the service and to make it possible, cookies may be introduced to the User’s computer at times. Cookies make it possible for the Company to provide the User with a service that takes the User’s wishes and preferences into account.
Cookies can also be used to give the User better offers and more personal product recommendations, either directly or through an external service, such as Google or Facebook.
In addition, cookies are used to monitor the number of visitors in the service. Parts of the website require accepting cookies in order to function. Targeting cookies can be disabled from the cookie settings.
Advertisement settings can also be managed in the User’s own Facebook or Google account:
Cookies can also be managed on the computer by using a service designed for that purpose, such as Disconnect.
For more information concerning browser-based online marketing and online privacy:
All persons handling the registry possess personal user permission (username, password and level of rights) from the registry keeper. These persons are operating under a non-disclosure agreement or are otherwise legally obligated to confidentiality. The personal information of Users is accessible only by persons who need this information to do their work. These include the customer service personnel and technical staff of the service.
WordDive will, to the best of its ability, strive to offer the service in such a way that external parties will not get unlawful access to the User's information or communications. Other parties connected to providing the service (e.g. network or mobile operators) are responsible for their own data security.
WordDive strives to offer the service following the principle of Privacy by Default. Personal information is processed in pseudonymous or anonymous form whenever possible. The information content of the registry is technically secured and back-ups are made regularly.
WordDive carries out the appropriate technical and organisational actions in connection to processing personal information, especially in order to protect personal information from data security breaches. If, despite this, a data security breach (accidental or illegal destruction, loss, altering, unlawful transfer or access, which causes a high risk to the Users’ rights and freedoms) should happen, we will inform the Users of the risk, its likely effects, and the recommended actions for counteracting its harmful effects without delay.